HackDig : Dig high-quality web security articles for hacker

Dyn Research discovered traffic coming from North Korea running over the Russian TransTeleCom network, this is the second internet route of the regime.

North Korea gets a second Internet connection thanks to the support of a state-owned Russian firm. From the perspective of security analysts, this second connection will improve in a significant way the cyber capabilities of the North Korea undermining the US efforts to isolate the state.

The availability of a second line allows Pyongyang to improve significantly the resilience against attacks on their infrastructure.

The Russian firm TransTeleCom is the company that activated the second connection, the first one was provided by China Unicom starting at least since 2010.

The discovery of the second line was reported by experts at Dyn Research that monitors global internet connectivity.

“The possibility of disconnecting North Korea from the Internet just became much more difficult,” explained said Bryce Boland, the chief technology officer in the Asia-Pacific for security firm FireEye.

A few weeks ago, the US Cyber Command has launched a massive DDoS attack against North Korea’s Reconnaissance General Bureau (RGB). The attack hit the country infrastructure between September 22 and September 30.

North Korean infrastructure is vulnerable to such kind of attacks, for this reason, the improvement of its connectivity is a priority for Pyongyang.

“As part of the campaign, U.S. Cyber Command targeted hackers in North Korea’s military spy agency, the Reconnaissance General Bureau, by barraging their computer servers with traffic that choked off Internet access.” reported The Washington Post

“The Cyber Command operation, which was due to end Saturday, was part of the overall campaign set in motion many months ago. The effects were temporary and not destructive, officials said. Nonetheless, some North Korean hackers griped that lack of access to the Internet was interfering with their work, according to another U.S. official, who also spoke on the condition of anonymity to discuss a secret operation.”

North Korea is considered one of the most dangerous states in the cyberspace due to its aggressive conduct. It has a cyber army composed of 6,800 units of cyber soldiers that were already involved in operations against targets worldwide, including the Sony hack.

This isn’t the first time the North Korea infrastructure was targeted by foreign hackers, it has already happened shortly after the Sony attack and the attack was believed to be a US retaliation.